DKIM Record - Explained


SPF, DMARC and, DKIM are the email security protocols used by companies or businesses to prevent various phishing attacks. Phishing and email spam are the biggest opportunities for hackers to enter the network. If a user clicks on a malicious email attachment, it can compromise an entire enterprise with ransomware, crypto-jacking scripts, data leakages, or privilege escalation exploits.

Source - From the Internet

DKIM is an acronym for DomainKeys Identified Mail. When sending an email from a server that has DKIM configured, the server will hash the body and the header of the email separately. It will then,  create a signature with a private key which will send along with the email.


When the receiver receives the email, it will do a DNS request to the domain that the email claim it is from. By doing so, the receiver will get the public key which is the DKIM record. It will then with the key can verify whether the signature is correct or not, and by doing so it will confirm that the sender is genuine and the mail has not been manipulated on its way there.


CHECKING FOR DKIM RECORDS

DKIM Records Lookup by MX Toolbox
  • Enter the domain name and selector (A DKIM selector is text, that is added with the domain to create a unique DNS record used during DKIM. This allows multiple keys to existing under one domain which allows for different signatures to be created by different systems, date ranges, or third-party services). For example, GitHub.com.
  • If you get the results in the following way that means the website has DKIM records and it's safe.

If the website does not have the Records, check the below section.

Create DKIM Records

Ideally, your mail server will provide a tool that allows you to create the information right on the server. (For SmarterMail users, information on “Setting Up Email Signing” is available in the Help documentation). Regardless of how you create your record, the following information is part of it:
  • s - This is the selector and it indicates the record “name” used with the domain to locate the public key in DNS. The sender creates this (again, ideally automatically).
  • d - This indicates the domain, used by the sender. Used with the selector record and helps locate the public key.
  • p - This is the actual public key that gets published to DNS as part of the record. Therefore, it will look like a random set of upper and lower case letters, numbers, and some punctuation marks.

These are the three key parts of a DKIM record. Other tags are available, but these three are the most commonly used. Therefore, a typical DKIM record will look like this:

2B8U4DAB93D58YR._domainKey.yourdomain.com;
p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1TaNgLlSyQMNWVLNLvyY/neDgaL2oqQE8T5illKqCgDtFHc8eHVAU+nlcaGmrKmDMw9dbgiGk1ocgZ56NR4ycfUHwQhvQPMUZw0cveel/8EAGoi/UyPmqfcPibytH81NFtTMAxUeM4Op8A6iHkvAMj5qLf4YRNsTkKAV

In the above, you’ll find the following:

  • Selector (s): 2B8U4DAB93D58YR
  • Domain (d): yourdomain.com
  • Public Key (p): MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1TaNgLlSyQMNWVLNLvyY/neDgaL2oqQE8T5illKqCgDtFHc8eHVAU+nlcaGmrKmDMw9dbgiGk1ocgZ56NR4ycfUHwQhvQPMUZw0cveel/8EAGoi/UyPmqfcPibytH81NFtTMAxUeM4Op8A6iHkvAMj5qLf4YRNsTkKAV
The other information in the record will be added automatically, but it is generally the same regardless of how the record is created. (I.e., _domainKey).
You might also be interested in,

We hope this helps. If any suggestions or doubts you can add a comment and we will reply as soon as possible.

No comments:

Post a Comment